ietf
[Top] [All Lists]

Re: [TLS] Last Call: draft-ietf-tls-renegotiation (Transport Layer

2009-12-02 14:24:03
Stephen Farrell wrote:

7. 6.2 says: "If servers wish to <<avoid attack>> they MUST
NOT <<do stuff>>" Isn't that equivalent to servers SHOULD
NOT? I think a SHOULD NOT is better. (And that's the form
used in section 7.)


This might be confusion with ISO terminology.

   MUST       ==  SHALL
   MUST NOT   ==  SHALL NOT
   SHOULD     ==  RECOMMENDED
   SHOULD NOT ==  NOT RECOMMENDED


   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


And btw. the document that standardizes the secure renegotiation
will have to say that it updates RFC-5246, because it needs to.


-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf